diff --git a/pom.xml b/pom.xml index 818fda0df12afd66869e6c440d905ddb4e592e5a..e5f4eb9ca0aece80a8a3fd1d50986a31b68cfe61 100644 --- a/pom.xml +++ b/pom.xml @@ -32,6 +32,12 @@ springfox-swagger-ui 2.9.2 + + + io.swagger + swagger-models + 1.5.21 + @@ -159,65 +165,65 @@ spring-boot-maven-plugin - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/main/java/com/stu/stusystem/config/MyShiroConfig.java b/src/main/java/com/stu/stusystem/config/MyShiroConfig.java index 135431146362ad186dbcf2a3e2d16651569831ef..0cc5a919d86fe7b7a9615f03bf0b82f7bfb9bd5c 100644 --- a/src/main/java/com/stu/stusystem/config/MyShiroConfig.java +++ b/src/main/java/com/stu/stusystem/config/MyShiroConfig.java @@ -34,11 +34,11 @@ public class MyShiroConfig { public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("defaultWebSecurity") DefaultWebSecurityManager defaultWebSecurityManager) { ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); - // 设置安全管理器 + // Shiro的核心安全接口,这个属性是必须的 shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager); - // 未登录时候跳转链接 - // shiroFilterFactoryBean.setLoginUrl("/index"); + // 未登录时候跳转链接,还可以通过类继承AuthenticationFilter方式配置 + shiroFilterFactoryBean.setLoginUrl("/notLogin"); // 登录成功后要跳转的链接 // shiroFilterFactoryBean.setSuccessUrl("/index"); @@ -46,11 +46,6 @@ public class MyShiroConfig { // 未授权界面 // shiroFilterFactoryBean.setUnauthorizedUrl("/403"); - // 设置shiro内置过滤器 - Map filters = new HashMap<>(); - ShiroAuthenticationFilter authenticationFilter = new ShiroAuthenticationFilter(); - filters.put("authc", authenticationFilter); - shiroFilterFactoryBean.setFilters(filters); // 拦截器 Map filterChainDefinitionMap = new LinkedHashMap(); filterChainDefinitionMap.put("/static/**", "anon"); 
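Review bot: With `shiroFilterFactoryBean.setLoginUrl("/notLogin")` set and the custom `authc` filter registration removed in the next hunk of this file, `authc` presumably falls back to Shiro's built-in form filter, which changes two things the commit does not mention. Unauthenticated API calls are answered with a redirect to `/notLogin` rather than the direct 401 JSON response the deleted ShiroAuthenticationFilter wrote, and the built-in filter treats a POST to the login URL as a credential submission, so `/notLogin` could act as a second login path that skips whatever LoginController does around login. The filter chain map is mostly outside this hunk, so I cannot see how `/notLogin` is mapped; I would add `filterChainDefinitionMap.put("/notLogin", "anon");` beside the `/static/**` entry and a comment on the `setLoginUrl` line saying the target is a JSON endpoint, not a login form. getShiroFilterFactoryBean continues past the end of the hunk.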
diff --git a/src/main/java/com/stu/stusystem/config/MyShiroRealm.java b/src/main/java/com/stu/stusystem/config/MyShiroRealm.java index 3706d5a29e38cd4fc97e2cdeca96b0faaf9fae5d..fe660a3dbd685c0c14287deb5c50a038daabfe59 100644 --- a/src/main/java/com/stu/stusystem/config/MyShiroRealm.java +++ b/src/main/java/com/stu/stusystem/config/MyShiroRealm.java @@ -1,6 +1,7 @@ package com.stu.stusystem.config; import com.stu.stusystem.mapper.system.StuMapper; +import com.stu.stusystem.model.em.Jurisdiction; import com.stu.stusystem.model.system.StuUser; import lombok.extern.slf4j.Slf4j; import org.apache.shiro.authc.AuthenticationException; @@ -13,12 +14,16 @@ import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.springframework.beans.factory.annotation.Autowired; +import java.util.HashSet; +import java.util.Set; + /** * @author cxt * @date 2020/9/10 */ @Slf4j public class MyShiroRealm extends AuthorizingRealm { + private StuMapper stuMapper; /** @@ -29,9 +34,22 @@ public class MyShiroRealm extends AuthorizingRealm { SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); StuUser user = (StuUser) principals.getPrimaryPrincipal(); log.info("登陆授权,user={}", user); -// Set roles = new HashSet<>(); -// roles.add(user.getPassword()); -// info.setRoles(roles); + // 角色列表 + Set roles = new HashSet<>(); + // 功能列表 + Set menus = new HashSet<>(); + if (user.getJurisdiction() == Jurisdiction.ADMIN) { + info.addRole("admin"); + info.addStringPermission("*:*:*"); + } else { +// roles = roleService.selectRoleKeys(user.getUserId()); // 查询角色表 +// menus = menuService.selectPermsByUserId(user.getUserId()); // 查询数据库(角色表和菜单表),角色id对应菜单权限id + + // 角色加入AuthorizationInfo认证对象 + info.setRoles(roles); + // 权限加入AuthorizationInfo认证对象 + info.setStringPermissions(menus); + } return info; } 
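Review bot: In the `else` branch both lookups are commented out, so `roles` and `menus` are still empty when they reach `info.setRoles(roles)` and `info.setStringPermissions(menus)`, and every non-admin principal is authorized for nothing. That fails closed, but it should be stated rather than left to be inferred from commented-out calls: `// TODO: load roles/permissions from the role and menu tables; until then non-admin users get none`. Separately, the unchanged `log.info("登陆授权,user={}", user)` above writes the whole StuUser at info level, and the removed lines show the class has `getPassword()`, so if its toString includes that field the credential ends up in the log; logging a non-secret identifier would avoid that. The method body starts above the hunk.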
diff --git a/src/main/java/com/stu/stusystem/config/ShiroAuthenticationFilter.java b/src/main/java/com/stu/stusystem/config/ShiroAuthenticationFilter.java deleted file mode 100644 index 0f7849420db62f1828434fe306cc2bf98d78b9cf..0000000000000000000000000000000000000000 --- a/src/main/java/com/stu/stusystem/config/ShiroAuthenticationFilter.java +++ /dev/null @@ -1,37 +0,0 @@ -package com.stu.stusystem.config; - -import com.alibaba.fastjson.JSONObject; -import com.stu.stusystem.common.ApiResult; -import org.apache.shiro.web.filter.authc.AuthenticationFilter; - -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -/** - * @author: cxt - * @time: 2021/3/11 - */ -public class ShiroAuthenticationFilter extends AuthenticationFilter { - @Override - protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { - HttpServletResponse httpServletResponse = (HttpServletResponse) response; - httpServletResponse.setCharacterEncoding("UTF-8"); - httpServletResponse.setContentType("application/json"); - // 在用户未登录时候请求地址,返回json数据 - ApiResult error = ApiResult.error(401, "未登录或会话超时,请重新登录!"); - httpServletResponse.setStatus(401); - httpServletResponse.getWriter().write(JSONObject.toJSON(error).toString()); - return false; - } - -// 判断是否是ajax请求 -// private boolean isAjax(ServletRequest request) { -// String header = ((HttpServletRequest) request).getHeader("X-Requested-With"); -// if ("XMLHttpRequest".equalsIgnoreCase(header)) { -// return Boolean.TRUE; -// } -// return Boolean.FALSE; -// } -} diff --git a/src/main/java/com/stu/stusystem/controller/LoginController.java b/src/main/java/com/stu/stusystem/controller/LoginController.java index 263d9a24dc79c6dd7d319196504ed8f3922009ad..ff98096416974b9893529a8c777a9ef3e0959216 100644 --- a/src/main/java/com/stu/stusystem/controller/LoginController.java 
+++ b/src/main/java/com/stu/stusystem/controller/LoginController.java @@ -2,10 +2,10 @@ package com.stu.stusystem.controller; import com.stu.stusystem.common.ApiException; import com.stu.stusystem.common.ApiResult; -import com.stu.stusystem.service.dto.RegisterDTO; -import com.stu.stusystem.service.dto.StuUserDTO; import com.stu.stusystem.model.system.StuUser; import com.stu.stusystem.service.LoginService; +import com.stu.stusystem.service.dto.RegisterDTO; +import com.stu.stusystem.service.dto.StuUserDTO; import com.stu.stusystem.service.vo.LoginVO; import com.stu.stusystem.util.ValidateCodeUtil; import io.swagger.annotations.Api; @@ -35,6 +35,13 @@ public class LoginController { return "/index"; } + @GetMapping("/notLogin") + @ResponseBody + @ApiOperation("未登录") + public ApiResult notLogin() { + return ApiResult.error(401, "未登录或会话超时,请重新登录!"); + } + @GetMapping("/logout") @ResponseBody @ApiOperation("登出") diff --git a/src/main/java/com/stu/stusystem/controller/system/StuClassController.java b/src/main/java/com/stu/stusystem/controller/system/StuClassController.java index 57747952f93b0a21fd1412e7a8ff21433c1a1f6b..edae44ab4894509cdf67d6843acfc14c914d1ed4 100644 --- a/src/main/java/com/stu/stusystem/controller/system/StuClassController.java +++ b/src/main/java/com/stu/stusystem/controller/system/StuClassController.java @@ -6,6 +6,7 @@ import com.stu.stusystem.service.system.StuClassService; import com.stu.stusystem.service.system.dto.StuClassDTO; import com.stu.stusystem.service.system.dto.StuClassQuery; import com.stu.stusystem.service.system.vo.StuClassVO; +import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.*; @@ -16,6 +17,7 @@ import java.util.List; * @author: cxt * @time: 2021/3/24 */ +@Api(tags = "班级管理") @RestController @RequestMapping("/stu/class") public class StuClassController { 
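Review bot: `notLogin()` puts 401 only inside the ApiResult body; nothing in the handler sets the HTTP status, so unless ApiResult or a response advice outside this diff does it, the response goes out as 200, whereas the deleted ShiroAuthenticationFilter called `setStatus(401)`. Clients, proxies and log-based monitoring that key on the status line would no longer see unauthenticated access. Adding `@ResponseStatus(HttpStatus.UNAUTHORIZED)` to the handler keeps the old contract. LoginController's other handlers are outside the hunk.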
@@ -51,8 +53,8 @@ public class StuClassController { @ApiOperation("查询所有班级id、名字") @GetMapping("/get/treeData") - public List getStuClassTreeData(){ - return this.stuClassService.getStuClassTreeData(); + public List getStuClassTreeData() { + return this.stuClassService.getStuClassTreeData(); } @Autowired diff --git a/src/main/java/com/stu/stusystem/controller/system/UserManagerController.java b/src/main/java/com/stu/stusystem/controller/system/UserManagerController.java index 38ff2c9d451df23020aeb9914e6b58358a372b9e..7817b78398e385bf23178624a429846fae75ca8d 100644 --- a/src/main/java/com/stu/stusystem/controller/system/UserManagerController.java +++ b/src/main/java/com/stu/stusystem/controller/system/UserManagerController.java @@ -2,12 +2,13 @@ package com.stu.stusystem.controller.system; import com.github.pagehelper.PageInfo; import com.stu.stusystem.common.ApiResult; -import com.stu.stusystem.service.dto.RegisterDTO; import com.stu.stusystem.service.LoginService; +import com.stu.stusystem.service.dto.RegisterDTO; import com.stu.stusystem.service.system.UserManagerService; import com.stu.stusystem.service.system.dto.UserManagerDTO; import com.stu.stusystem.service.system.dto.UserManagerQuery; import com.stu.stusystem.service.system.vo.StuUserVO; +import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; @@ -18,6 +19,7 @@ import org.springframework.web.bind.annotation.*; * @date 2020/9/21 * 用户管理:根据权限查询用户列表 */ +@Api(tags = "用户管理") @RestController @Slf4j @RequestMapping("/manager/stu") diff --git a/src/main/java/com/stu/stusystem/model/system/Menu.java b/src/main/java/com/stu/stusystem/model/system/Menu.java index 406cc38899bedd61b332b4b2c7f2a1da8d852050..14845402817a6245ddd120afe61fbe205ab6bd8a 100644 --- a/src/main/java/com/stu/stusystem/model/system/Menu.java +++ b/src/main/java/com/stu/stusystem/model/system/Menu.java 
@@ -26,6 +26,9 @@ public class Menu extends BaseModel { // 页面url private String url; + // 权限code + private String code; + // 父级id private String pid; diff --git a/src/main/java/com/stu/stusystem/service/system/dto/MenuDTO.java b/src/main/java/com/stu/stusystem/service/system/dto/MenuDTO.java index 3ca43d000bcf039482037cf7512567e1977b8c54..cb0213f724aa6ee0b94a629c6629c38aac4a55ec 100644 --- a/src/main/java/com/stu/stusystem/service/system/dto/MenuDTO.java +++ b/src/main/java/com/stu/stusystem/service/system/dto/MenuDTO.java @@ -24,6 +24,9 @@ public class MenuDTO { @ApiModelProperty("页面url") private String url; + @ApiModelProperty("权限code") + private String code; + @ApiModelProperty("父级id") private String pid; diff --git a/src/main/java/com/stu/stusystem/service/system/vo/MenuVO.java b/src/main/java/com/stu/stusystem/service/system/vo/MenuVO.java index 84800dea845a46728a5ee1e8e71c08a2b8782f1f..af81fbe16e94029b47b8047277e96088e6ba62b7 100644 --- a/src/main/java/com/stu/stusystem/service/system/vo/MenuVO.java +++ b/src/main/java/com/stu/stusystem/service/system/vo/MenuVO.java @@ -24,6 +24,9 @@ public class MenuVO { @ApiModelProperty("页面url") private String url; + @ApiModelProperty("权限code") + private String code; + @ApiModelProperty("父级id") private String pid; diff --git a/src/main/resources/config/liquibase/20210329_creat_table_menu.xml b/src/main/resources/config/liquibase/20210329_creat_table_menu.xml index 10efe63422578d9ecce4a0ff508690c9df146bcd..1a4369beba6c367d585fa6402122df5853e99ea1 100644 --- a/src/main/resources/config/liquibase/20210329_creat_table_menu.xml +++ b/src/main/resources/config/liquibase/20210329_creat_table_menu.xml @@ -29,6 +29,10 @@ + + + +